Required CVE Record Information
Description
Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 1 Total
- https://github.com/eyoucms/eyoucms/issues/14 x_transferred